Sending from Windows operating systems

There are two methods used to send log data from Windows systems to a Devo relay:

Devo agent. You can install a Devo agent on your Windows servers to forward log data to the relay. There are two agents, Magic and Share, which can be deployed using a centralized installer. This is the preferred method.

WMI (Windows Management Instrumentation) remote collection. This requires a firewall and single user with access to the event data on all Windows servers in the account. This method results in slower performance.

You cannot use both agents simultaneously.

Types of event data

Local and remote Windows event logs including the OS, applications, and anything that uses the eventlog service.